LDAP sync thrown a null pointer exception and disables users
search cancel

LDAP sync thrown a null pointer exception and disables users


Article ID: 204148


Updated On:


CA Automic Workload Automation - Automation Engine


A faulty execution of the LDAP Sync has disabled several accounts. Jobs could no longer be executed. 

The following error is displayed in the LDAP sync log:

2020-11-26 16:16:13.628 [main] c.a.s.l.l.LDAPService                    ERROR  null
java.lang.NullPointerException: null
 at org.apache.directory.ldap.client.api.LdapNetworkConnection.connect(LdapNetworkConnection.java:670)
 at org.apache.directory.ldap.client.api.LdapNetworkConnection.searchAsync(LdapNetworkConnection.java:1844)

Subsequently, the application detects a difference between users in LDAP and in the AE system. Instead of retrying after the failing connection a Group is removed and users deactivated:

2020-11-26 16:16:13.630 [main] c.a.s.l.s.AESynchronizationStep          INFO   ===== Start sync g-UC4-4200-qa -> SSMS_USER_GROUP
2020-11-26 16:16:13.630 [main] c.a.s.l.s.AESynchronizationStep          INFO   Find differences between LDAP server and AE server...
2020-11-26 16:16:13.630 [main] c.a.s.l.s.AESynchronizationStep          INFO   Fetching users from LDAP...
2020-11-26 16:16:13.746 [main] c.a.s.l.s.AESynchronizationStep          INFO   ...found 2 users from LDAP groups g-UC4-4200-qa
2020-11-26 16:16:13.746 [main] c.a.s.l.s.AESynchronizationStep          INFO   Fetching users from AE...
2020-11-26 16:16:14.355 [main] c.a.s.l.s.AESynchronizationStep          INFO   ...found 41 user from client 4200, 14 user in group SSMS_USER_GROUP
2020-11-26 16:16:14.394 [main] c.a.s.l.s.AESynchronizationStep          INFO   Found 22 difference(s) between LDAP server and AE server
2020-11-26 16:16:14.395 [main] c.a.s.l.s.AESynchronizationStep          INFO   Apply changes on AE server...


Release : 12.3

Component : LDAPSYNC


This is a bug


Issue has been fixed in LDAPSync v2.3.1 - Available

Additional Information

As important to prevent an issue you have to add the parameter retryConnect=10 to the different LDAPSync.xml configuration files.


Also searchTimeout=60 seconds, should be set to prevent that upon retry the sync times outs to quickly.